CVE-2026-26324
Received Received - Intake
SSRF Bypass via IPv4-Mapped IPv6 in OpenClaw AI Assistant

Publication date: 2026-02-19

Last updated on: 2026-02-23

Assigner: GitHub, Inc.

Description
OpenClaw is a personal AI assistant. Prior to version 2026.2.14, OpenClaw's SSRF protection could be bypassed using full-form IPv4-mapped IPv6 literals such as `0:0:0:0:0:ffff:7f00:1` (which is `127.0.0.1`). This could allow requests that should be blocked (loopback / private network / link-local metadata) to pass the SSRF guard. Version 2026.2.14 patches the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-19
Last Modified
2026-02-23
Generated
2026-06-10
AI Q&A
2026-02-20
EPSS Evaluated
2026-06-08
NVD
CVE-2026-26324
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
openclaw openclaw to 2026.2.14 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects OpenClaw, a personal AI assistant. Before version 2026.2.14, OpenClaw's Server-Side Request Forgery (SSRF) protection could be bypassed by using full-form IPv4-mapped IPv6 literals, such as '0:0:0:0:0:ffff:7f00:1', which corresponds to the IPv4 loopback address 127.0.0.1. This bypass allowed requests that should have been blockedβ€”such as those targeting loopback, private network, or link-local metadata addressesβ€”to pass through the SSRF protection.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade OpenClaw to version 2026.2.14 or later, as this version patches the SSRF protection bypass issue.

Impact Analysis

This vulnerability can allow an attacker to bypass SSRF protections and send unauthorized requests to internal or sensitive network addresses that should normally be blocked. This could lead to unauthorized access to internal services or metadata endpoints, potentially exposing sensitive information or enabling further attacks within the internal network.

Compliance Impact

I don't know

Detection Guidance

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-26324. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart